Category FILE
Started On 2019-02-11 15:38:54
Completed On 2019-02-11 15:39:18
Duration 24 seconds
Cuckoo Version 1.2

Machine WindowsXPSP3
Label WindowsXPSP3
Manager VirtualBox
Started On 2019-02-11 15:38:55
Shutdown On 2019-02-11 15:39:18

File Details

File name dgoodrick3_malware4.exe
File size 2317792 bytes
File type PE32 executable (console) Intel 80386, for MS Windows
CRC32 93238FDF
MD5 a7ab6e49a02e49b6db114cf2570c9ad0
SHA1 7293c2c46e99f314bd711c37536879ccfaa062d4
SHA256 15f88a157d9051c7a133bd5f79cd37a2887039937583ab299bd1a414efada6b8
SHA512 3c059c8ba5a6a0f1bce4e1ed25194629a1c918423806475c4907ae6d96cde2207ca089445920f06c0c3808216062f42314be8d7e2f621074e4d476faa7264a3e
Ssdeep 49152:bRsRWxNeChrdOQvFINQwX7/TfYJhlbESBDa22z2Bc:brbrdOQvFINQwX7bAJhlbESBDa22zZ
PEiD None matched
Yara None matched
VirusTotal
VirusTotal Scan Date: 2019-02-08 20:53:17
Detection Rate: 4/70

Signatures

No signatures matched

Screenshots

Static Analysis

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary

Files
  • C:\WINDOWS\1.exe
Mutexes Nothing to display.
Registry Keys
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp
  • HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\UnsafeSslApps

Processes

dgoodrick3_malware4.exe PID: 276, Parent PID: 1996

Volatility

Nothing to display.